U.S. Congress Launches Inquiry Into iOS Apps’ Privacy Lapse

March 23, 2012

Members of Congress are done waiting around on Apple to take up the casual offer from Sen. Charles Schumer to discuss the recently reported loophole in iPhone apps that gives developers access to users’ contact list and private photos. Henry A. Waxman, the ranking member of the Energy and Commerce Committee, and G.K. Butterfield, the ranking member of the Commerce, Manufacturing, and Trade Subcomittee, sent letters to 34 vendors of social apps for Apple’s iOS devices regarding their policies on collecting information from users.

The letters, which were nearly identical for each recipient, include potentially incendiary questions about the app’s user statistics – something I’d be surprised to see the app bosses readily hand over. Some examples:

Did you have a privacy policy in place for your iOS app at the end of February 2012? If so, please tell us when your iOS app was first made available in Apple’s App Store and when you first had a privacy policy in place. In addition, please describe how that policy is made available to your app users and please provide a copy of the most recent policy.

Have you at any time stored information from or about a users’ address book? If so, which field? Also, please describe all measures taken to protect or secure that information during storage and thee periods of time during which those measures were in effect.

To the extent you store any address book information or any of the information in question 5, please describe all purposes for which you store or use that information, the length of time for which you keep it, and your policies regarding sharing of that information.

Expect a lot of deferrals to a Terms of Service page from several if not all of these app developers. Curiously, no mention of Android or Google is made in the letters despite Android apps being found to also be guilty of allowing apps with the photo-accessing loophole to be distributed through Google Play née Android Market.